Greg Kroah-Hartman, the stable Linux kernel maintainer, could have prefaced his Open Source Summit Europe keynote speech, MDS, Fallout, Zombieland, and Linux, by paraphrasing Winston Churchill: I have nothing to offer but blood sweat and tears for dealing with Intel CPU's security problems.
Or as a Chinese developer told him recently about these problems: "This is a sad talk." The sadness is that the same Intel CPU speculative execution problems, which led to Meltdown and Spectre security issues, are alive and well and causing more trouble.
The problem with how Intel designed speculative execution is that, while anticipating the next action for the CPU to take does indeed speed things up, it also exposes data along the way. That's bad enough on your own server, but when it breaks down the barriers between virtual machines (VM)s in cloud computing environments, it's a security nightmare.
(Score: 2) by coolgopher on Wednesday October 30 2019, @07:15AM (2 children)
AMD still has its PSP to match the Intel ME, which are both Not Good For Security(tm).
These days I'll certainly pick an AMD over an Intel though.
(Score: 2, Insightful) by Anonymous Coward on Wednesday October 30 2019, @07:22AM (1 child)
Intel has security issues far beyond its ME.
(Score: 2) by Freeman on Wednesday October 30 2019, @03:23PM
In other words it's not ME, it's you. Seriously though, you'd think their processor wouldn't be so full of security holes at least when compared with their vastly smaller competition. I've been an AMD user/builder for a long time now. Mostly due to cost of Intel hardware vs AMD hardware, but it's kind of convenient that I also got the more secure option.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"